commit 3064497debf5869fb640073e340066076bf09954
Author: xggz
Date: Tue Jul 27 17:32:41 2021 +0800
:tada: Init
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..4469762
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,6 @@
+FROM elastic/filebeat:6.3.2
+COPY filebeat.yml /usr/share/filebeat/filebeat.yml
+USER root
+VOLUME ["/volume"]
+RUN chmod 777 /volume && \
+chown root:filebeat /usr/share/filebeat/filebeat.yml
\ No newline at end of file
diff --git a/filebeat.yml b/filebeat.yml
new file mode 100644
index 0000000..ac20f82
--- /dev/null
+++ b/filebeat.yml
@@ -0,0 +1,52 @@
+filebeat.config:
+ prospectors:
+ path: ${path.config}/prospectors.d/*.yml
+ reload.enabled: true
+ modules:
+ path: ${path.config}/modules.d/*.yml
+ reload.enabled: false
+
+filebeat.inputs:
+ - type: log
+ enabled: true
+ paths:
+ - ${INPUT_PATH:/volume/*.log}
+ fields:
+ project-name: ${PROJECT_NAME:unown}
+ multiline:
+ pattern: '^\['
+ negate: true
+ match: after
+ max_lines: 200
+ ignore_older: 168h
+ tail_files: true
+
+processors:
+ - add_cloud_metadata:
+
+output.elasticsearch:
+ hosts: ["127.0.0.1:9200"]
+ username: "${ES_NAME:elastic}"
+ password: "${ES_PASS:changeme}"
+ index: "${INDEX_NAME:filebeat}-%{+yyyy.MM.dd}"
+ timeout: 180
+ backoff.max: 120
+
+# kibanan setup
+setup.kibana:
+ host: "127.0.0.1:5601"
+ username: "${ES_USERNAME:elastic}"
+ password: "${ES_PASS:changeme}"
+
+setup:
+ template:
+ enabled: true
+ name: "${INDEX_NAME:filebeat}"
+ pattern: "${INDEX_NAME:filebeat}-*"
+
+# enable dashboards
+setup.dashboards.enabled: true
+setup.dashboards.index: "${INDEX_NAME:filebeat}-*"
+setup.dashboards.retry.enabled: true
+setup.dashboards.retry.interval: 3
+setup.dashboards.retry.maximum: 20
\ No newline at end of file
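Review bot: The image ends on `USER root`, so Filebeat itself runs as root when the container starts; root is only needed for the `chmod`/`chown` step, and a final `USER filebeat` line (presumably the base image's unprivileged account, matching the group used in the `chown`) would drop privileges again. `VOLUME ["/volume"]` is declared before `RUN chmod 777 /volume`, and Docker documents that build steps which change a path after it is declared a volume may be discarded, so the order should be `RUN mkdir -p /volume && chmod …` followed by `VOLUME ["/volume"]`. Mode 777 leaves the log directory writable by every account in any container that mounts it, while filebeat.yml only reads `/volume/*.log`, so write access should go only to whichever account produces the logs. `COPY --chown=root:filebeat filebeat.yml /usr/share/filebeat/filebeat.yml` would replace the separate `chown`.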
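Review bot: The fallbacks `${ES_PASS:changeme}` and `elastic` under `output.elasticsearch` and `setup.kibana` mean a container started without those variables silently authenticates as the built-in superuser with a well-known default password; making the value required, e.g. `password: "${ES_PASS:?ES_PASS must be set}"`, turns a forgotten setting into a startup error instead. The user name is read from `ES_NAME` in the output section but from `ES_USERNAME` in `setup.kibana`, so setting one leaves the other on its default; use a single variable name in both places. Both hosts are fixed to `127.0.0.1`, which inside the container refers to the container itself, so they probably want to be `${…}` references like the other settings. The `PROJECT_NAME` default `unown` looks like a typo for `unknown`.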